Absolutely a "real" message from Comcast (see below).
Think they really have reason to think there's something on my end, or did everyone get this same message?
On my network are two Intel iMacs, a mini, and an MBA all running Snow.
I think there may be a dataphone connecting but I don't know what kind.

QuoteComcast Customer Central
Constant Guard™ Alert
Dear XFINITY Customer,
Constant Guard from XFINITY identified that one or more of your computers may be infected with a bot. A bot is a malicious form of software that is used to send spam, host a phishing site, or steal your identity by monitoring your keystrokes without your knowledge. It may be possible you are unaware that your computer is infected with a bot.
We strongly recommend you visit XFINITY.com/BotAssistance for important information on how to remove malicious software from your computer(s).
We appreciate your prompt attention to this important security notice.
Sincerely,
Constant Guard from XFINITY
This is a service-related email. Comcast will occasionally send you service-related emails to inform you of service upgrades or new benefits to your Comcast High-Speed Internet service.

Copyright 2011. Comcast. All other trademarks are properties of their respective owners.

Thanks. I was leaning about 70/30 towards BS-- other opinions help.
I did have a rough hour or two last night where lots of things wouldn't load and I'd get a Comcast search page (why?) instead of a link that looked like it ought to work fine-- which adds a little element of nag to the 30% . . .

I received one of those about a week ago. I ignored it and have had no repercussions.

QuoteBlack
Absolutely a "real" message from Comcast (see below).
Think they really have reason to think there's something on my end, or did everyone get this same message?
On my network are two Intel iMacs, a mini, and an MBA all running Snow.
I think there may be a dataphone connecting but I don't know what kind.

QuoteComcast Customer Central
Constant Guard™ Alert
Dear XFINITY Customer,
Constant Guard from XFINITY identified that one or more of your computers may be infected with a bot. A bot is a malicious form of software that is used to send spam, host a phishing site, or steal your identity by monitoring your keystrokes without your knowledge. It may be possible you are unaware that your computer is infected with a bot.
We strongly recommend you visit XFINITY.com/BotAssistance for important information on how to remove malicious software from your computer(s).
We appreciate your prompt attention to this important security notice.
Sincerely,
Constant Guard from XFINITY
This is a service-related email. Comcast will occasionally send you service-related emails to inform you of service upgrades or new benefits to your Comcast High-Speed Internet service.

Copyright 2011. Comcast. All other trademarks are properties of their respective owners.

Quotehal
call them and ask them for the MAC address of the infected computer. If they REALLY have detected a bug, they'll have the MAC address for it...

I'm not sure how Comcast would have a MAC address from a device on the private LAN. MAC addresses aren't routable. Or so I thought anyway. Comcast won't have your internal IP addresses either to identify the problem computer. WIthout an internal IP or MAC address, how would Comcast be able to identify the specific device?

Black,
Since the IPs are dynamic, perhaps someone who recently had your IP address was causing problems from their botnet infection. Then again, perhaps it was simply a false positive.

Quotehal
call them and ask them for the MAC address of the infected computer. If they REALLY have detected a bug, they'll have the MAC address for it...

I'm not sure how Comcast would have a MAC address from a device on the private LAN. MAC addresses aren't routable. Or so I thought anyway. Comcast won't have your internal IP addresses either to identify the problem computer. WIthout an internal IP or MAC address, how would Comcast be able to identify the specific device?

Black,
Since the IPs are dynamic, perhaps someone who recently had your IP address was causing problems from their botnet infection. Then again, perhaps it was simply a false positive.

Thanks. I was also kind of baffled as to how they could see MAC addresses. They'd have to log into my router, no?

I get one of these Comcast warning messages every time I engage the Tor network, via an app called Vidalia, to scramble detection, when I'm in the Bit Torrent world, otherwise, I get flagged as a copyright-infringing suspect. I think that process might look to Comcast like there's some suspicious activity going on, with behavior similar to a virus or malware. Even though I'm not infected.

I was only in Bit Torrent for three hours, with the Tor Network engaged, the other day, after being inactive for a month, and next day, sure enough, got another one of these Comcast notices.

Either way, Comcast seems to be able to detect some unwanted or irregular activity anytime I use Bit Torrent for any reason, for any length of time. When I don't use Bit Torrent, I never get messages from Comcast.

Quoteguitarist
I get one of these Comcast warning messages every time I engage the Tor network, via an app called Vidalia, to scramble detection, when I'm in the Bit Torrent world, otherwise, I get flagged as a copyright-infringing suspect. I think that process might look to Comcast like there's some suspicious activity going on, with behavior similar to a virus or malware. Even though I'm not infected.

I was only in Bit Torrent for three hours, with the Tor Network engaged, the other day, after being inactive for a month, and next day, sure enough, got another one of these Comcast notices.

Either way, Comcast seems to be able to detect some unwanted or irregular activity anytime I use Bit Torrent for any reason, for any length of time. When I don't use Bit Torrent, I never get messages from Comcast.

So do you know if you get the messages when you use the bat thing without Thor? Because . . . . because . . . a friend of mine does it that way and wanted me to ask.

No, only when I use the Tor network (which I don't claim to fully understand, it's a mid-range attempt to avoid or delay detection by trackers that collect and report) the downside appears to be, that it makes it look like my computer is a breeding ground of infection, a completely false signal.

I don't know how to set up a proxy, or do any of that technically-advanced Bit Torrent mojo. Wish I did.

When I use Bit Torrent using a regular, unaltered internet connection (with my I.P. apparently easily visible, and network and download activity easy to detect) I don't get that Comcast letter. Instead, I've gotten... the other ...Comcast warning letter...

Quoteguitarist
When I use Bit Torrent using a regular, unaltered internet connection (with my I.P. apparently easily visible, and network and download activity easy to detect) I don't get that Comcast letter. Instead, I've gotten... the other ...Comcast warning letter...

hmm, never got a warning from Comcast (My ISP) and there are times I use Bit Torrent for days at a time, both uploading and downloading. Legal content. but I'll DL 3-6 GB and upload about 1/2 that over a 2-3 day period

One time I had downloaded the client for some game. Their official download used bittorent I guess inside of the game and I had left for the weekend so I was uploading to everyone else. This made comcast think I had a bot on one of my computers. When I called they told me what kind of traffic I was getting and I remembered that and sure enough my computer was pegging my upload throughput. Maybe you're doing some heavy downloading and/or uploading for extended periods of time?

Quotepinion
One time I had downloaded the client for some game. Their official download used bittorent I guess inside of the game and I had left for the weekend so I was uploading to everyone else. This made comcast think I had a bot on one of my computers. When I called they told me what kind of traffic I was getting and I remembered that and sure enough my computer was pegging my upload throughput. Maybe you're doing some heavy downloading and/or uploading for extended periods of time?

You can throttle uploads, and calibrate this stuff. Most beginner-level folks just leave the default settings.

To Black: yes, the one that names names.

Not a good sign, to know activity is detected, logged, and acted on. It helps me understand why the Bit-Torrent world has layers and layers of expertise involved, hobbyists, technically-aware guys who know how to use plug ins, proxies, fine-tune settings, etc., in order to not step on any toes, or raise red flags.

Until I understand this better, I'm taking a pause. I've had to set aside my log ins, until I have more time to do more research and get better informed.